Permission 资源类型Permission resource type

Permission 资源提供为 DriveItem 资源授予的共享权限的相关信息。The Permission resource provides information about a sharing permission granted for a DriveItem resource.

共享权限具有许多不同的形式。Sharing permissions have a number of different forms. Permission 资源通过资源上的 facet 表示这些不同的形式。The Permission resource represents these different forms through facets on the resource.

JSON 表示形式JSON representation

下面是资源的 JSON 表示形式。Here is a JSON representation of the resource

{
  "id": "string (identifier)",
  "grantedTo": {"@odata.type": "microsoft.graph.identitySet"},
  "inheritedFrom": {"@odata.type": "microsoft.graph.itemReference"},
  "invitation": {"@odata.type": "microsoft.graph.sharingInvitation"},
  "link": {"@odata.type": "microsoft.graph.sharingLink"},
  "roles": ["string"],
  "shareId": "string"
}

属性Properties

属性Property 类型Type 说明Description
idid StringString 在项目的所有权限中,某个权限的唯一标识符。只读。The unique identifier of the permission among all permissions on the item. Read-only.
grantedTograntedTo IdentitySetIdentitySet 对于用户类型权限,此权限的用户和应用程序的详细信息。只读。For user type permissions, the details of the users & applications for this permission. Read-only.
邀请invitation SharingInvitationSharingInvitation 此权限的全部关联共享邀请的详细信息。只读。Details of any associated sharing invitation for this permission. Read-only.
inheritedFrominheritedFrom ItemReferenceItemReference 如果当前权限继承自上级,则提供对当前权限的上级的引用。只读。Provides a reference to the ancestor of the current permission, if it is inherited from an ancestor. Read-only.
linklink SharingLinkSharingLink 如果当前权限是链接类型权限,则提供当前权限的链接详细信息。只读。Provides the link details of the current permission, if it is a link type permissions. Read-only.
rolesroles Collection of StringCollection of String 权限类型,例如 read。有关角色的完整列表,请参阅如下内容。只读。The type of permission, e.g. read. See below for the full list of roles. Read-only.
shareIdshareId StringString 可通过 shares API 访问此共享项目的唯一令牌。只读。A unique token that can be used to access this shared item via the shares API. Read-only.

permission 资源使用 Facet 说明此资源表示的权限种类。The permission resource uses facets to provide information about the kind of permission represented by the resource.

具有[链接] SharingLink facet 的权限表示在该项上创建的共享链接。共享链接包含一个唯一令牌,可以为具有上述链接的任何人提供对项目的访问权限。Permissions with a link facet represent sharing links created on the item. Sharing links contain a unique token that provides access to the item for anyone with the link.

具有 Invitation Facet 的权限表示通过邀请特定用户或组访问文件而添加的权限。Permissions with an invitation facet represent permissions added by inviting specific users or groups to have access to the file.

角色枚举Roles enumeration

角色Role 详细信息Details
read 提供读取项的元数据和内容的功能。Provides the ability to read the metadata and contents of the item.
write 提供读取并修改项的元数据和内容的功能。Provides the ability to read and modify the metadata and contents of the item.
sp.owner 对于 SharePoint 和 OneDrive for Business,这表示所有者角色。For SharePoint and OneDrive for Business this represents the owner role.
sp.member 对于 SharePoint 和 OneDrive for Business,这表示成员角色。For SharePoint and OneDrive for Business this represents the member role.

最常见的权限类型是共享链接。 共享链接提供唯一 URL,其中包含要共享的资源,以及提供对此资源的访问权限的身份验证令牌。 用户无需登录,即可访问通过共享链接共享的内容。 用户可以共享链接,从而提供对内容的只读权限或写入权限。The most common type of permissions are sharing links. Sharing links provide a unique URL that includes both the resource being shared and an authentication token that provides access to the resource. Users don't need to sign-in to access the content shared with a sharing link. Users can share a link that gives read-only access to the content or writable access to the content.

查看链接提供对项的只读权限。A view link provides read-only access to an item.

{
  "id": "1",
  "roles": ["read"],
  "link": {
    "type": "view",
    "webUrl": "https://onedrive.live.com/redir?resid=5D33DD65C6932946!70859&authkey=!AL7N1QAfSWcjNU8&ithint=folder%2cgif",
    "application": { "id": "1234", "displayName": "Sample Application" }
  },
  "shareId": "!LKj1lkdlals90j1nlkascl"
}

编辑链接提供对项的读取和写入权限。An edit link provides read and write access to an item.

{
  "id": "2",
  "roles": ["write"],
  "link": {
    "type": "edit",
    "webUrl": "https://onedrive.live.com/redir?resid=5D33DD65C6932946!70859&authkey=!AL7N1QAfSWcjNU8&ithint=folder%2cgif",
    "application": { "id": "1234", "displayName": "Sample Application" }
  },
  "shareId": "!LKj1lkdlals90j1nlkascl"
}

共享邀请Sharing Invitation

除了创建共享链接之外,还可以通过电子邮件地址邀请用户。 在此方案中,权限创建的是发送到用户电子邮件地址的邀请。In addition to creating sharing links, a user can be invited by e-mail address. In this scenario the permission creates an invitation that is sent to the user's email.

发送到电子邮件地址的邀请Invitation to an email address

如果权限是通过电子邮件地址发送给没有匹配帐户的接收者,那么在用户首次单击链接并登录以兑换邀请前,可能无法设置 grantedTo 属性。If the permission was sent via an email address to a recipient who does not have a matching account, the grantedTo property may not be set until the invitation is redeemed, which occurs the first time a user clicks the link and signs in.

{
  "id": "1",
  "roles": ["write"],
  "invitation": {
    "email": "jd@gmail.com",
    "signInRequired": true
  },
  "shareId": "FWxc1lasfdbEAGM5fI7B67aB5ZMPDMmQ11U"
}

在用户兑换共享邀请后,grantedTo 属性将包含兑换权限的帐户的相关信息:After the sharing invitation has been redeemed by a user, the grantedTo property will contain the information about the account that redeemed the permissions:

{
  "id": "1",
  "roles": ["write"],
  "grantedTo": {
    "user": {
      "id": "5D33DD65C6932946",
      "displayName": "John Doe"
    }
  },
  "invitation": {
    "email": "jd@outlook.com",
    "signInRequired": true
  },
  "shareId": "FWxc1lasfdbEAGM5fI7B67aB5ZMPDMmQ11U"
}

方法Methods

方法Method REST 路径REST Path
列出权限List permissions GET /drive/items/{item-id}/permissions
获取权限Get permission GET /drive/items/{item-id}/permissions/{id}
添加Add POST /drive/items/{item-id}/invite
更新Update PATCH /drive/items/{item-id}/permissions/{id}
删除Delete DELETE /drive/items/{item-id}/permissions/{id}

注解Remarks

OneDrive for Business 和 SharePoint 文档库不返回 inheritedFrom 属性。OneDrive for Business and SharePoint document libraries do not return the inheritedFrom property.